UVA Identity Token Authentication
Token User Agreement
The UVA Identity token is supplied as a means to identify yourself strongly to University computer systems. Some University systems require this level of authentication due to the types of data they contain or the services they control. You must protect your token and not share its password with anyone.
The following agreement must be signed by anyone who is issued a UVA Identity Token. The agreement form is supplied at the time of issuance when the identity of the recipient is verified. The text of the Token Agreement is provided here for review and reference:
By receiving this token, I agree to:
- Not share my UVA Identity Token hardware device with anyone, including my family members or co-workers, nor will I allow anyone to have access to it.
- Protect my UVA Identity Token and its password and not share the password with anyone. This includes keeping the token with me or in a locked drawer or cabinet when not in use. If I leave my workstation for 1 or 2 minutes, I will lock the workstation with a password required to unlock it. If leaving my workstation unattended for more than a few minutes, I will remove the Token and disconnect all sessions having access to sensitive data.
- Inform the UVA Certificate Authority (firstname.lastname@example.org and email@example.com) immediately if I believe that the security of my UVA Identity Token has been compromised (meaning lost, stolen, or accessed by anyone other than the named user).
- Return the UVA Identity Token to the Information Security Access Management Office should I leave (or become no longer affiliated with) the University.
- Understand that when I use the digital certificate on my UVA Identity Token to access remote services that I am providing the remote server with my name and UVA Computing ID.
- Observe standard security procedures on my workstation including running antivirus software, using a password-protected screensaver with no more than a 10-minute lock setting, and configuring my workstation so that a login is required to use it.